Russians May Have Been Behind White House Cyber-Attack

Published April 8, 2015

By Thursday Review staff

The same Russian hackers who gained access to the U.S. State Department’s computer network may have employed a set of codes and purloined scripts to unlock backdoor access to the White House computer network.

The State Department cyber-attack, which was first discovered back in November, was thought to have been shut down by the security experts at Foggy Bottom, but now there is strong evidence that the Russian hackers may have retained access, all the while quietly using it as a tool to gain entry into the network at the White House. Some cyber-analysts suggest that the White House may have been the intended target all along, and the State Department breach was merely the first step in a more complex assault.

The State Department’s cyber-breach is now believed to have been an ongoing attack despite the best efforts of U.S. computer officials to close the breach and stave off the assault. The cyber-attack raises disturbing questions about how to maintain security and safety on U.S. government websites.

The White House—which maintains two parallel computer networks, one more secure than the other—has minimized concern over the breach by explaining that the hackers have only gained access to the less secure, public-facing website, not the high-security network. On CNN, White House deputy national security advisor Ben Rhodes said that it is extremely unlikely that the hackers could gain access to the more critical of the two networks. The White House maintains two networks for precisely that reason: to keep the most sensitive and secret of information and data out of reach of hackers, whether domestic or foreign.

News of the seriousness of the cyber-intrusion came on the same day that much of Washington, D.C. faced a power outage. That electric outage affected tens of thousands of government workers and thousands of tourists to the nation’s capital, and caused the shutdown of museums, public buildings, schools, businesses, and some government agencies—including the State Department, where a press conference was being held on live television. Some videographers at the press conference used battery-powered camera and sound equipment, as the State Department spokesperson used her iPhone to illuminate the podium. Vehicular traffic was snarled on hundreds of streets and at scores of major intersections.

Later in the day, officials for several nearby electric companies said that the blackout had nothing to do with a cyber-security intrusion or computer networks, but was instead the result of a broken transformer and fallen transmission lines. When the transformer failed, it caused a cascade of failures across several counties in Maryland and Virginia, and shut down power in hundreds of large buildings in the District of Columbia.

The White House, though not officially pointing the finger at Russia, has nonetheless told numerous reporters that its own internal investigation into the cyber-attack shows that Russian hackers are responsible for the data breach. Several computer experts looking into the breach at the State Department have said that the hackers have maintained some effective control—albeit quietly—over its computer network, and have used State’s servers and computers as a bridgehead into the White House. The two networks are closely related, and electronic communications between State and the White House are more-or-less continuous, giving hackers plenty of opportunities to find a pipeline from one network to the other.

In an article in Fortune Magazine, writer Robert Hackett suggests that the tool most likely used by the hackers was an attachment embedded in an email—one of the most common forms of entry into a computer, a server, or a network. After a State Department employee clicked on the link, which acted as a Trojan Horse, it gave hackers control of at least one person’s email account. Once inside, it would have taken an experienced hacker only hours or even minutes to gain access to the whole network.
